我尝试在 Google Cloud Run 上部署 Keycloak,但遇到错误,指出修订版尚未准备好,无法提供流量,因为用户提供的容器无法启动并侦听 PORT=8080 环境定义的端口多变的。尽管在 Docker Compose 中设置了正确的端口配置并确保容器应侦听端口 8080,但部署还是失败。该错误消息建议检查日志以获取更多详细信息,这表明容器启动和侦听指定端口时出现问题。
我做了什么?
我已经使用 Keycloak 和 PostgreSQL 服务设置了一个 Docker Compose 文件,为 Keycloak 指定了端口 8080 并调整了必要的环境变量。我期望 Keycloak 服务能够成功启动并侦听端口 8080,特别是因为此配置在本地工作。但是,在部署到 Cloud Run 时,我收到与容器未在端口 8080 上启动相关的错误。我按照建议检查了 Cloud Run 日志,但需要进一步指导来解决导致容器启动失败的特定问题。 (见下面的错误)
预期结果: 我希望 Keycloak 容器能够在 Cloud Run 上成功启动并运行,侦听端口 8080 并可访问以进行进一步配置和使用。
实际结果: 尽管配置看似正确,但部署过程失败,并出现与容器未启动和侦听定义端口相关的错误。
Docker Compose 配置: 为了提供更多上下文,这是我正在使用的 Docker Compose 配置:
yaml
version: '3.8'
services:
keycloak:
image: quay.io/keycloak/keycloak:latest
platform: linux/arm64/v8
command: start-dev
environment:
KC_DB: postgres
KC_DB_URL_HOST: postgres_keycloak_demo
KC_DB_URL_DATABASE: keycloak
KC_DB_PASSWORD: password
KC_DB_USERNAME: keycloak
KC_DB_SCHEMA: public
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
ports:
- "8890:8080"
depends_on:
- postgres_keycloak_demo
networks:
- keycloak_demo_dev_network
postgres_keycloak_demo:
image: postgres:latest
platform: linux/arm64/v8
command: ["postgres", "-c", "max_connections=200"]
volumes:
- pgdata_keycloak_demo:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: password
healthcheck:
test: ["CMD", "pg_isready", "-U", "keycloak"]
interval: 10s
timeout: 5s
retries: 5
ports:
- "5436:5432"
networks:
- keycloak_demo_dev_network
volumes:
pgdata_keycloak_demo:
networks:
keycloak_demo_dev_network:
driver: bridge
这是我的
docker ps
命令的输出:
| CONTAINER ID | IMAGE | COMMAND | CREATED | STATUS | PORTS | NAMES |
|--------------|------------------------------------|------------------------|--------------|----------------------|------------------------------------|------------------------------|
| 9d9bb4ae9d86 | quay.io/keycloak/keycloak:latest | "/opt/keycloak/bin/k…" | 19 hours ago | Up 19 hours | 8443/tcp, 0.0.0.0:8890->8080/tcp | key-keycloak-1 |
| 77481917a5cd | postgres:latest | "docker-entrypoint.s…" | 19 hours ago | Up 19 hours (healthy)| 0.0.0.0:5436->5432/tcp | key-postgres_keycloak_demo-1 |
附件:
这是 JSON 内容:
{
"protoPayload": {
"@type": "type.googleapis.com/google.cloud.audit.AuditLog",
"status": {
"code": 9,
"message": "Ready condition status changed to False for Revision keycloak-00001-w8m with message: The user-provided container failed to start and listen on the port defined provided by the PORT=8080 environment variable. Logs for this revision might contain more information.\n\nLogs URL: https://console.cloud.google.com/logs/viewer?project=key-api-prod&resource=cloud_run_revision/service_name/keycloak/revision_name/keycloak-00001-w8m&advancedFilter=resource.type%3D%22cloud_run_revision%22%0Aresource.labels.service_name%3D%22keycloak%22%0Aresource.labels.revision_name%3D%22keycloak-00001-w8m%22 \nFor more troubleshooting guidance, see https://cloud.google.com/run/docs/troubleshooting#container-failed-to-start"
},
"serviceName": "run.googleapis.com",
"methodName": "v1",
"resourceName": "namespaces/key-api-prod/revisions/keycloak-00001-w8m",
"response": {
"metadata": {
"name": "keycloak-00001-w8m",
"namespace": "341831814885",
"selfLink": "/apis/serving.knative.dev/v1/namespaces/341831814885/revisions/keycloak-00001-w8m",
"uid": "8c36252b-8f91-47f6-a567-107de98402ad",
"resourceVersion": "AAYSX17OrZk",
"generation": 1,
"creationTimestamp": "2024-02-27T16:17:46.228860Z",
"labels": {
"serving.knative.dev/route": "keycloak",
"serving.knative.dev/configuration": "keycloak",
"serving.knative.dev/configurationGeneration": "1",
"serving.knative.dev/service": "keycloak",
"serving.knative.dev/serviceUid": "0f16338f-0676-49db-b6f7-0b8217a12d3a",
"cloud.googleapis.com/location": "us-central1",
"run.googleapis.com/startupProbeType": "Default"
},
"annotations": {
"run.googleapis.com/client-name": "cloud-console",
"serving.knative.dev/creator": "[email protected]",
"autoscaling.knative.dev/maxScale": "100",
"run.googleapis.com/operation-id": "e879ab8e-23e7-417f-a25e-d21373ddab85",
"run.googleapis.com/startup-cpu-boost": "true"
},
"ownerReferences": [
{
"kind": "Configuration",
"name": "keycloak",
"uid": "cf3b09da-e30d-4fd9-986c-6b3b58219f84",
"apiVersion": "serving.knative.dev/v1",
"controller": true,
"blockOwnerDeletion": true
}
]
},
"apiVersion": "serving.knative.dev/v1",
"kind": "Revision",
"spec": {
"containerConcurrency": 80,
"timeoutSeconds": 300,
"serviceAccountName": "[email protected]",
"containers": [
{
"name": "keycloak-1",
"image": "gcr.io/key-api-prod/keycloak@sha256:fb0fc1584a37eaee6bc862ce51f20c7326986bcc11b90f01733d9e37573f0a28",
"ports": [
{
"name": "http1",
"containerPort": 8080
}
],
"resources": {
"limits": {
"cpu": "1000m",
"memory": "512Mi"
}
},
"startupProbe": {
"timeoutSeconds": 240,
"periodSeconds": 240,
"failureThreshold": 1,
"tcpSocket": {
"port": 8080
}
}
}
]
},
"status": {
"observedGeneration": 1,
"conditions": [
{
"type": "Ready",
"status": "False",
"reason": "HealthCheckContainerError",
"message": "The user-provided container failed to start and listen on the port defined provided by the PORT=8080 environment variable. Logs for this revision might contain more information.\n\nLogs URL: https://console.cloud.google.com/logs/viewer?project=key-api-prod&resource=cloud_run_revision/service_name/keycloak/revision_name/keycloak-00001-w8m&advancedFilter=resource.type%3D%22cloud_run_revision%22%0Aresource.labels.service_name%3D%22keycloak%22%0Aresource.labels.revision_name%3D%22keycloak-00001-w8m%22 \nFor more troubleshooting guidance, see https://cloud.google.com/run/docs/troubleshooting#container-failed-to-start",
"lastTransitionTime": "2024-02-27T16:18:02.060185Z"
},
{
"type": "ContainerHealthy",
"status": "False",
"reason": "HealthCheckContainerError",
"message": "The user-provided container failed to start and listen on the port defined provided by the PORT=8080 environment variable. Logs for this revision might contain more information.\n\nLogs URL: https://console.cloud.google.com/logs/viewer?project=key-api-prod&resource=cloud_run_revision/service_name/keycloak/revision_name/keycloak-00001-w8m&advancedFilter=resource.type%3D%22cloud_run_revision%22%0Aresource.labels.service_name%3D%22keycloak%22%0Aresource.labels.revision_name%3D%22keycloak-00001-w8m%22 \nFor more troubleshooting guidance, see https://cloud.google.com/run/docs/troubleshooting#container-failed-to-start",
"lastTransitionTime": "2024-02-27T16:18:02.060185Z"
},
{
"type": "ContainerReady",
"status": "True",
"lastTransitionTime": "2024-02-27T16:17:55.202183Z"
},
{
"type": "ResourcesAvailable",
"status": "True",
"lastTransitionTime": "2024-02-27T16:18:01.667535Z"
},
{
"type": "Retry",
"status": "True",
"reason": "ImmediateRetry",
"message": "System will retry after 0:00:00 from lastTransitionTime for attempt 0.",
"lastTransitionTime": "2024-02-27T16:18:01.667535Z",
"severity": "Info"
}
],
"logUrl": "https://console.cloud.google.com/logs/viewer?project=key-api-prod&resource=cloud_run_revision/service_name/keycloak/revision_name/keycloak-00001-w8m&advancedFilter=resource.type%3D%22cloud_run_revision%22%0Aresource.labels.service_name%3D%22keycloak%22%0Aresource.labels.revision_name%3D%22keycloak-00001-w8m%22",
"imageDigest": "gcr.io/key-api-prod/keycloak@sha256:fb0fc1584a37eaee6bc862ce51f20c7326986bcc11b90f01733d9e37573f0a28",
"containerStatuses": [
{
"name": "keycloak-1",
"imageDigest": "gcr.io/key-api-prod/keycloak@sha256:fb0fc1584a37eaee6bc862ce51f20c7326986bcc11b90f01733d9e37573f0a28"
}
]
},
"@type": "type.googleapis.com/google.cloud.run.v1.Revision"
}
},
"insertId": "-db1h52daq84",
"resource": {
"type": "cloud_run_revision",
"labels": {
"project_id": "key-api-prod",
"service_name": "keycloak",
"configuration_name": "keycloak",
"revision_name": "keycloak-00001-w8m",
"location": "us-central1"
}
},
"timestamp": "2024-02-27T16:18:02.076244Z",
"severity": "ERROR",
"logName": "projects/key-api-prod/logs/cloudaudit.googleapis.com%2Fsystem_event",
"receiveTimestamp": "2024-02-27T16:18:02.274899828Z"
}
这是第二个错误
{
"textPayload": "terminated: Application failed to start: failed to load /opt/keycloak/bin/kc.sh: exec format error",
"insertId": "65de0b39000f3051af98d2df",
"resource": {
"type": "cloud_run_revision",
"labels": {
"revision_name": "keycloak-00001-w8m",
"service_name": "keycloak",
"configuration_name": "keycloak",
"location": "us-central1",
"project_id": "key-api-prod"
}
},
"timestamp": "2024-02-27T16:18:01.995375042Z",
"severity": "ERROR",
"labels": {
"instanceId": "00d087f5e0f41e4ed5541a1fa2e1b346e2a50506a851b826e994e75cfda26e0664ee0f8f5630b6709c16eb47e1214003fc8f57462632d76af38dcc7859cfaaf5"
},
"logName": "projects/key-api-prod/logs/run.googleapis.com%2Fvarlog%2Fsystem",
"receiveTimestamp": "2024-02-27T16:18:02.001989221Z"
}
Cloud Run 不使用 Docker Compose,因此当您部署到 Cloud Run 时,不会选择 Compose 文件中的任何配置。您需要将配置指定为 knative 服务 yaml (https://cloud.google.com/run/docs/reference/yaml/v1#service) 或通过标志将其传递给 gcloud run deploy。